<?php

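/**
 * Data access for the gcms_users table, written as a CodeIgniter-style model
 * (it relies on $this->load, $this->db and $this->uri from the framework).
 *
 * NOTE(review): nothing in this class checks who is calling it or verifies a
 * form token. Authorisation and CSRF protection must be enforced by the
 * calling controller before any of the write methods are reached.
 */
class User_Model extends Model {

    function User_Model()
    {
        // Call the Model constructor
        parent::Model();
    }

    /**
     * Shared rule for login names and passwords: both must be strings of
     * 4 to 50 ASCII alphanumeric characters.
     *
     * @param mixed $user Submitted login name.
     * @param mixed $pass Submitted password.
     * @return bool TRUE when both values pass.
     */
    function _valid_credentials($user, $pass)
    {
        // $_POST values can be arrays (user[]=x); reject anything that is not a string.
        if (!is_string($user) || !is_string($pass)) {
            return false;
        }

        foreach (array($user, $pass) as $value) {
            $length = strlen($value);
            if ($length < 4 || $length > 50 || !ctype_alnum($value)) {
                return false;
            }
        }

        return true;
    }

    /**
     * Escape a value for HTML text and quoted-attribute contexts.
     *
     * @param mixed $value Raw value read from the database.
     * @return string HTML-safe text.
     */
    function _h($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    }

    /**
     * Echo an HTML table listing every row of gcms_users with edit/delete links.
     *
     * Output is written directly with echo; nothing is returned.
     */
    function get_users()
    {
        $this->load->database();
        $this->load->helper('string');

        // user_pass is never displayed, so the hash is not fetched at all.
        $query = $this->db->query("SELECT ID, user_login, user_email, user_url FROM gcms_users");

        echo '<table border="0" cellpadding="2" cellspacing="2" style="width:100%">';
        echo '<thead style="background:#E4E4E4"><th>id</th><th>username</th><th>email</th><th>website</th><th>action</th></thead>';
        echo '<tbody>';

        $shades = array("#F4F4F4", "#E4E4E4");
        $index  = 0;
        foreach ($query->result() as $row)
        {
            $colour = $shades[$index % 2];

            // ID is used in a URL path and inside an inline-JS string, where HTML
            // escaping alone is not enough; an integer cast keeps it inert in both.
            // NOTE(review): assumes ID is an integer key - confirm against the schema.
            $id = (int) $row->ID;

            // user_email and user_url are stored unvalidated by update_user(), so
            // every column is escaped here to stop stored markup from rendering.
            echo '<tr style="background:'.$colour.'">'
                .'<td>'.$id.'</td>'
                .'<td>'.$this->_h($row->user_login).'</td>'
                .'<td>'.$this->_h($row->user_email).'</td>'
                .'<td>'.$this->_h($row->user_url).'</td>'
                .'<td><a href="'.$this->_h(base_url().'users/edit/'.$id).'">edit</a>'
                .' | <a href="#" onclick="deleteUser(\''.$id.'\');">delete</a></td>'
                .'</tr>';

            $index++;
        }

        echo '</tbody>';
        echo '</table>';
    }

    /**
     * Insert a user from $_POST['user'] and $_POST['pass'].
     *
     * Invalid or missing input is ignored silently: no row is written and
     * nothing is returned to the caller.
     */
    function insert_user()
    {
        $this->load->database();

        /*** check that the username and password were sent and are well formed ***/
        $user = isset($_POST['user']) ? $_POST['user'] : null;
        $pass = isset($_POST['pass']) ? $_POST['pass'] : null;

        if (!$this->_valid_credentials($user, $pass)) {
            return;
        }

        // No manual mysql_real_escape_string(): the values are alphanumeric only
        // and insert() receives them as data, not as SQL text. The mysql_*
        // function also needs a live ext/mysql link and is absent from current PHP.
        //
        // NOTE(review): unsalted MD5 is not a password hash. Moving to
        // password_hash()/password_verify() needs a matching change in the login
        // code and probably a wider user_pass column, so it is flagged, not changed.
        $data = array(
            'user_login' => $user,
            'user_pass'  => md5($pass)
        );

        $this->db->insert('gcms_users', $data);
    }

    /**
     * Update the user whose ID is URI segment 3 from $_POST, then redirect
     * back to that user's edit page.
     *
     * Requires 'user', 'pass' and 'pass_conf'; 'email' and 'url' are optional.
     * Invalid input is ignored silently: no update and no redirect.
     */
    function update_user()
    {
        $this->load->database();

        /*** check that username, password and confirmation were sent ***/
        $user      = isset($_POST['user']) ? $_POST['user'] : null;
        $pass      = isset($_POST['pass']) ? $_POST['pass'] : null;
        $pass_conf = isset($_POST['pass_conf']) ? $_POST['pass_conf'] : null;

        if (!$this->_valid_credentials($user, $pass)) {
            return;
        }

        // Strict comparison: with != two numeric-looking strings such as
        // "1e3" and "1000" compare equal, so a mistyped confirmation could pass.
        if (!is_string($pass_conf) || $pass !== $pass_conf) {
            return;
        }

        // Optional fields: a missing or non-string value is stored as NULL
        // instead of raising an undefined-index notice.
        // NOTE(review): email and url are stored without format validation;
        // get_users() escapes them on output.
        $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : null;
        $url   = (isset($_POST['url']) && is_string($_POST['url'])) ? $_POST['url'] : null;

        // NOTE(review): unsalted MD5 kept for compatibility with existing
        // hashes - see the note in insert_user().
        $data = array(
            'user_login' => $user,
            'user_pass'  => md5($pass),
            'user_email' => $email,
            'user_url'   => $url
        );

        $id = $this->uri->segment(3);

        $this->db->where('ID', $id);
        $this->db->update('gcms_users', $data);
        redirect('/users/edit/'.$id, 'refresh');
    }

    /**
     * Delete the gcms_users row with the given ID.
     *
     * @param mixed $id Value matched against the ID column.
     */
    function delete_user($id)
    {
        // Refuse an empty id rather than depend on how the query builder renders
        // a WHERE clause that has no usable value.
        if ($id === null || $id === false || $id === '') {
            return;
        }

        $this->load->database();
        $this->db->where('ID', $id);
        $this->db->delete('gcms_users');
    }

}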

?>